- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-02-2021 01:42 AM - edited 07-05-2021 12:57 PM
Hi EveryOne!
the Cisco Wireless controller Does not syslog the WiFi client association (users) on successfull !!!
Do i need an extrat config to satisfy that!!, if yes how !!!
Best Regards.
Solved! Go to Solution.
- Labels:
-
Wireless LAN Controller
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-04-2021 06:27 AM
try below :
Configure the syslog facility for client by entering this command:
config logging syslog facility client {assocfail | associate | authentication | authfail | deauthenticate | disassociate | excluded} {enable | disable}
where:
-
assocfail : 802.11 association fail syslog for clients.
-
authentication : Authentication success syslog for clients
-
authfail : 802.11 authentication fail syslog for clients
-
deauthenticate : 802.11 deauthentication syslog for clients
-
disassociate : 802.11 disassociation syslog for clients
-
excluded : Excluded syslog for clients
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-02-2021 05:07 AM
Since we do not know what WLC controller and version of code running, also do you have ISE in place for authentication or not
in general, you can enable log as below mentioned document :
If you have using ISE, ISE does have a very good logging system you can to push that logs to SYSLOG Server.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-04-2021 06:07 AM
Hi Sir!
sorry for not given much details!
wlc 3504 and no ISE used, Im using syslog server only!
here the APs Syslog config from the WLC:
(wlc) >show ap config global
AP global system logging host.................... 10.XX.YY.ZZ
AP global system logging level................... informational
AP Telnet Settings............................... Globally Configured (Disabled)
AP SSH Settings.................................. Globally Configured (Disabled)
Diminished TX power Settings..................... Globally Configured (Disabled)
AP Broken Antenna Failure Detection - Status..... Disabled
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-04-2021 06:27 AM
try below :
Configure the syslog facility for client by entering this command:
config logging syslog facility client {assocfail | associate | authentication | authfail | deauthenticate | disassociate | excluded} {enable | disable}
where:
-
assocfail : 802.11 association fail syslog for clients.
-
authentication : Authentication success syslog for clients
-
authfail : 802.11 authentication fail syslog for clients
-
deauthenticate : 802.11 deauthentication syslog for clients
-
disassociate : 802.11 disassociation syslog for clients
-
excluded : Excluded syslog for clients
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-05-2021 05:21 AM
hi, Sir!
this is exactly what im looking for, just one small detail:
i was connected then i did : [1: disassociation | 2: association then | 3: disassociation]
i only receive on my syslog server this
*apfMsConnTask_3: Jan 05 13:48:49.758: %APF-3-ASSOC_TRAP: apf_80211.c:19384 Client Association: MACAddress:aa:aa:aa:aa:aa:aa Base Radio MAC:yy:yy:yy:yy:yy:yy Slot:1 User Name:unknown Ip Address:10.ii:oo:pp
*apfReceiveTask: Jan 05 13:54:14.418: %APF-3-DISASSOC_TRAP: apf_80211.c:19394 Client Disassociated: MACAddress:aa:aa:aa:aa:aa:aa Base Radio MAC:yy:yy:yy:yy:yy:yy Slot:1 User Name:unknown Ip Address:10.ii:oo:pp Reason:Disassociated due to inactivity ReasonCode:4
i did not receive trap for the first disassociation and the second one is sent after almost 6min, ==>> is this normal !!!
Cordially!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-28-2021 06:20 AM
Does anyone know what is the equivalent config for the 9800 WLCs?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-28-2021 01:03 PM - edited 10-28-2021 01:04 PM
If anyone ever stumbles on this, I got it working on the 9800 WLC with:
wireless client syslog-detailed
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-30-2022 05:54 AM
Thank you very much for this tip!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-05-2021 05:30 AM
Some time Log shipping may be due to waiting time, but you should see both the logs in syslog if they configured same way.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-05-2021 06:38 AM
when disassociate the client, the led-state goes green after blue in 6sec. the client is disassociated after almost 6min.
i verify with : #show client summary
by the way, how can i refresh the clients in the #show client summary using #CLI! (to not wait 5min
Cordially
